search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Localisation updates from https://translatewiki.net.
[mediawiki.git] / includes / actions / RollbackAction.php
blob4502fc0467b1e650f04339a7b77baea4e126939f
1 <?php
2 /**
3 * Edit rollback user interface
4 *
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License as published by
7 * the Free Software Foundation; either version 2 of the License, or
8 * (at your option) any later version.
9 *
10 * This program is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 * GNU General Public License for more details.
14 *
15 * You should have received a copy of the GNU General Public License
16 * along with this program; if not, write to the Free Software
17 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
18 *
19 * @file
20 * @ingroup Actions
21 */
22
23 use MediaWiki\CommentFormatter\CommentFormatter;
24 use MediaWiki\Config\ConfigException;
25 use MediaWiki\Content\IContentHandlerFactory;
26 use MediaWiki\Context\IContextSource;
27 use MediaWiki\Deferred\DeferredUpdates;
28 use MediaWiki\HTMLForm\HTMLForm;
29 use MediaWiki\Linker\Linker;
30 use MediaWiki\MainConfigNames;
31 use MediaWiki\MediaWikiServices;
32 use MediaWiki\Message\Message;
33 use MediaWiki\Page\RollbackPageFactory;
34 use MediaWiki\Revision\RevisionRecord;
35 use MediaWiki\User\Options\UserOptionsLookup;
36 use MediaWiki\Watchlist\WatchlistManager;
37
38 /**
39 * User interface for the rollback action
40 *
41 * @ingroup Actions
42 */
43 class RollbackAction extends FormAction {
44
45 private IContentHandlerFactory $contentHandlerFactory;
46 private RollbackPageFactory $rollbackPageFactory;
47 private UserOptionsLookup $userOptionsLookup;
48 private WatchlistManager $watchlistManager;
49 private CommentFormatter $commentFormatter;
50
51 /**
52 * @param Article $article
53 * @param IContextSource $context
54 * @param IContentHandlerFactory $contentHandlerFactory
55 * @param RollbackPageFactory $rollbackPageFactory
56 * @param UserOptionsLookup $userOptionsLookup
57 * @param WatchlistManager $watchlistManager
58 * @param CommentFormatter $commentFormatter
59 */
60 public function __construct(
61 Article $article,
62 IContextSource $context,
63 IContentHandlerFactory $contentHandlerFactory,
64 RollbackPageFactory $rollbackPageFactory,
65 UserOptionsLookup $userOptionsLookup,
66 WatchlistManager $watchlistManager,
67 CommentFormatter $commentFormatter
68 ) {
69 parent::__construct( $article, $context );
70 $this->contentHandlerFactory = $contentHandlerFactory;
71 $this->rollbackPageFactory = $rollbackPageFactory;
72 $this->userOptionsLookup = $userOptionsLookup;
73 $this->watchlistManager = $watchlistManager;
74 $this->commentFormatter = $commentFormatter;
75 }
76
77 public function getName() {
78 return 'rollback';
79 }
80
81 public function getRestriction() {
82 return 'rollback';
83 }
84
85 protected function usesOOUI() {
86 return true;
87 }
88
89 protected function getDescription() {
90 return '';
91 }
92
93 public function doesWrites() {
94 return true;
95 }
96
97 public function onSuccess() {
98 return false;
99 }
100
101 public function onSubmit( $data ) {
102 return false;
103 }
104
105 protected function alterForm( HTMLForm $form ) {
106 $form->setWrapperLegendMsg( 'confirm-rollback-top' );
107 $form->setSubmitTextMsg( 'confirm-rollback-button' );
108 $form->setTokenSalt( 'rollback' );
109
110 $from = $this->getRequest()->getVal( 'from' );
111 if ( $from === null ) {
112 throw new BadRequestError( 'rollbackfailed', 'rollback-missingparam' );
113 }
114 foreach ( [ 'from', 'bot', 'hidediff', 'summary', 'token' ] as $param ) {
115 $val = $this->getRequest()->getVal( $param );
116 if ( $val !== null ) {
117 $form->addHiddenField( $param, $val );
118 }
119 }
120 }
121
122 /**
123 * @throws ErrorPageError
124 * @throws ReadOnlyError
125 * @throws ThrottledError
126 */
127 public function show() {
128 $this->setHeaders();
129 // This will throw exceptions if there's a problem
130 $this->checkCanExecute( $this->getUser() );
131
132 if ( !$this->userOptionsLookup->getOption( $this->getUser(), 'showrollbackconfirmation' ) ||
133 $this->getRequest()->wasPosted()
134 ) {
135 $this->handleRollbackRequest();
136 } else {
137 $this->showRollbackConfirmationForm();
138 }
139 }
140
141 public function handleRollbackRequest() {
142 $this->enableTransactionalTimelimit();
143 $this->getOutput()->addModuleStyles( 'mediawiki.interface.helpers.styles' );
144
145 $request = $this->getRequest();
146 $user = $this->getUser();
147 $from = $request->getVal( 'from' );
148 $rev = $this->getWikiPage()->getRevisionRecord();
149 if ( $from === null ) {
150 throw new ErrorPageError( 'rollbackfailed', 'rollback-missingparam' );
151 }
152 if ( !$rev ) {
153 throw new ErrorPageError( 'rollbackfailed', 'rollback-missingrevision' );
154 }
155
156 $revUser = $rev->getUser();
157 $userText = $revUser ? $revUser->getName() : '';
158 if ( $from !== $userText ) {
159 throw new ErrorPageError( 'rollbackfailed', 'alreadyrolled', [
160 $this->getTitle()->getPrefixedText(),
161 wfEscapeWikiText( $from ),
162 $userText
163 ] );
164 }
165
166 if ( !$user->matchEditToken( $request->getVal( 'token' ), 'rollback' ) ) {
167 throw new ErrorPageError( 'sessionfailure-title', 'sessionfailure' );
168 }
169
170 // The revision has the user suppressed, so the rollback has empty 'from',
171 // so the check above would succeed in that case.
172 // T307278 - Also check if the user has rights to view suppressed usernames
173 if ( !$revUser ) {
174 if ( $this->getAuthority()->isAllowedAny( 'suppressrevision', 'viewsuppressed' ) ) {
175 $revUser = $rev->getUser( RevisionRecord::RAW );
176 } else {
177 $userFactory = MediaWikiServices::getInstance()->getUserFactory();
178 $revUser = $userFactory->newFromName( $this->context->msg( 'rev-deleted-user' )->plain() );
179 }
180 }
181
182 $rollbackResult = $this->rollbackPageFactory
183 // @phan-suppress-next-line PhanTypeMismatchArgumentNullable use of raw avoids null here
184 ->newRollbackPage( $this->getWikiPage(), $this->getAuthority(), $revUser )
185 ->setSummary( $request->getText( 'summary' ) )
186 ->markAsBot( $request->getBool( 'bot' ) )
187 ->rollbackIfAllowed();
188 $data = $rollbackResult->getValue();
189
190 if ( $rollbackResult->hasMessage( 'actionthrottledtext' ) ) {
191 throw new ThrottledError;
192 }
193
194 # NOTE: Permission errors already handled by Action::checkExecute.
195 if ( $rollbackResult->hasMessage( 'readonlytext' ) ) {
196 throw new ReadOnlyError;
197 }
198
199 if ( $rollbackResult->getMessages() ) {
200 $this->getOutput()->setPageTitleMsg( $this->msg( 'rollbackfailed' ) );
201
202 foreach ( $rollbackResult->getMessages() as $msg ) {
203 $this->getOutput()->addWikiMsg( $msg );
204 }
205
206 if (
207 ( $rollbackResult->hasMessage( 'alreadyrolled' ) || $rollbackResult->hasMessage( 'cantrollback' ) )
208 && isset( $data['current-revision-record'] )
209 ) {
210 /** @var RevisionRecord $current */
211 $current = $data['current-revision-record'];
212
213 if ( $current->getComment() != null ) {
214 $this->getOutput()->addWikiMsg(
215 'editcomment',
216 Message::rawParam(
217 $this->commentFormatter
218 ->format( $current->getComment()->text )
219 )
220 );
221 }
222 }
223
224 return;
225 }
226
227 /** @var RevisionRecord $current */
228 $current = $data['current-revision-record'];
229 $target = $data['target-revision-record'];
230 $newId = $data['newid'];
231 $this->getOutput()->setPageTitleMsg( $this->msg( 'actioncomplete' ) );
232 $this->getOutput()->setRobotPolicy( 'noindex,nofollow' );
233
234 $old = Linker::revUserTools( $current );
235 $new = Linker::revUserTools( $target );
236
237 $currentUser = $current->getUser( RevisionRecord::FOR_THIS_USER, $user );
238 $targetUser = $target->getUser( RevisionRecord::FOR_THIS_USER, $user );
239 $this->getOutput()->addHTML(
240 $this->msg( 'rollback-success' )
241 ->rawParams( $old, $new )
242 ->params( $currentUser ? $currentUser->getName() : '' )
243 ->params( $targetUser ? $targetUser->getName() : '' )
244 ->parseAsBlock()
245 );
246 // Load the mediawiki.misc-authed-curate module, so that we can fire the JavaScript
247 // postEdit hook on a successful rollback.
248 $this->getOutput()->addModules( 'mediawiki.misc-authed-curate' );
249 // Export a success flag to the frontend, so that the mediawiki.misc-authed-curate
250 // ResourceLoader module can use this as an indicator to fire the postEdit hook.
251 $this->getOutput()->addJsConfigVars( [
252 'wgRollbackSuccess' => true,
253 // Don't show an edit confirmation with mw.notify(), the rollback success page
254 // is already a visual confirmation.
255 'wgPostEditConfirmationDisabled' => true,
256 ] );
257
258 if ( $this->userOptionsLookup->getBoolOption( $user, 'watchrollback' ) ) {
259 $this->watchlistManager->addWatchIgnoringRights( $user, $this->getTitle() );
260 }
261
262 $this->getOutput()->returnToMain( false, $this->getTitle() );
263
264 if ( !$request->getBool( 'hidediff', false ) &&
265 !$this->userOptionsLookup->getBoolOption( $this->getUser(), 'norollbackdiff' )
266 ) {
267 $contentModel = $current->getMainContentModel();
268 $contentHandler = $this->contentHandlerFactory->getContentHandler( $contentModel );
269 $de = $contentHandler->createDifferenceEngine(
270 $this->getContext(),
271 $current->getId(),
272 $newId,
273 0,
274 true
275 );
276 $de->showDiff( '', '' );
277 }
278 }
279
280 /**
281 * Enables transactional time limit for POST and GET requests to RollbackAction
282 * @throws ConfigException
283 */
284 private function enableTransactionalTimelimit() {
285 // If Rollbacks are made POST-only, use $this->useTransactionalTimeLimit()
286 wfTransactionalTimeLimit();
287 if ( !$this->getRequest()->wasPosted() ) {
288 /**
289 * We apply the higher POST limits on GET requests
290 * to prevent logstash.wikimedia.org from being spammed
291 */
292 $fname = __METHOD__;
293 $trxLimits = $this->context->getConfig()->get( MainConfigNames::TrxProfilerLimits );
294 $trxProfiler = Profiler::instance()->getTransactionProfiler();
295 $trxProfiler->redefineExpectations( $trxLimits['POST'], $fname );
296 DeferredUpdates::addCallableUpdate( static function () use ( $trxProfiler, $trxLimits, $fname
297 ) {
298 $trxProfiler->redefineExpectations( $trxLimits['PostSend-POST'], $fname );
299 } );
300 }
301 }
302
303 private function showRollbackConfirmationForm() {
304 $form = $this->getForm();
305 if ( $form->show() ) {
306 $this->onSuccess();
307 }
308 }
309
310 protected function getFormFields() {
311 return [
312 'intro' => [
313 'type' => 'info',
314 'raw' => true,
315 'default' => $this->msg( 'confirm-rollback-bottom' )->parse()
316 ]
317 ];
318 }
319 }
MediaWiki Core